SAN FRANCISCO ( TheStreet) -- Staples (SPLS) announced Friday that cyber thieves may have compromised the credit cards of 1.16 million of its customers, a disclosure that comes on the eve of the last shopping weekend before Christmas. Whether the timing of this news puts a dent in customers' shopping behavior at such a critical time has yet to be seen.

On Friday it released greater detail. The office supply retailer announced that malicious software was put on its point-of-sale systems at 115 of its U.S. retail stores. With this hack attack, cyber thieves were able to access information on credit card transactions and put that knowledge to use.

For 113 of the 115 affected stores, transaction data may have been accessed for payment cards used from August 10 through September 16, 2014. For the remaining two stores, transactions from July 20 through September 16, 2014 may have been accessed.

Additionally, during our investigation we received reports of fraudulent payment card use related to four stores in Manhattan, New York at various times from April through September 2014.

Staples released its updated information after the markets closed. In after-hours trading, the stock dipped 0.11% to $17.53. It closed down 0.51% to $17.55 during the regular session.

After a security breach, 12% of shoppers tend to avoid the retailer that was hit, according to a report by Interactions. Additionally, 79% of shoppers who continue to use the affected retailer prefer to use cash rather than their debit or credit cards. With retail sales coming down to the wire this holiday season on whether it will be a boom or bust, retailers can’t afford to lose any customers this holiday season.

This article is commentary by an independent contributor. At the time of publication, the author held no positions in the stocks mentioned.